A Simple Typo in Google Search for Sony’s Soneium Led to a Crypto Wallet Drainer

Clever Phishing Scam Targeting Crypto Enthusiasts

A recent investigation by Scam Sniffer has unveiled a serious threat lurking in the search results for “Soneium,” a blockchain project by Sony.

Users searching for this Ethereum layer-2 blockchain were misled by a sponsored Google ad, which appeared to link to the project’s official site.

Instead, the ad directed them to a cleverly crafted phishing site designed to steal crypto assets.

“This ad is a perfect example of how phishing can happen to anyone,” Scam Sniffer noted in an October 22 post on X. “You might not even realise you’re a target unless you misspell ‘Soneium’ as ‘Someium.’”

The fraudulent site, which was deceptively similar to Soneium’s actual domain, masqueraded as a basic landing page for a radiology service based in the UK.

Users who unwittingly clicked the ad found themselves on a site rigged with a hidden wallet drainer, ready to siphon their cryptocurrency.

How Do These Phishing Scams Work?

The site creators employed dynamic redirects to disguise their malicious page as legitimate, evading detection by Google.

“It’s hard to see it unless you are targeted, and that’s why Google couldn’t know [about] it,” Scam Sniffer explained.

Typically, Google phishing ads redirect users to official sites unless specifically targeted, making it easy for potential victims to overlook the warning signs.

Source: X @realScamSniffer

Just last month, Scam Sniffer had warned that another crypto platform, Polymarket, faced similar threats through sponsored ads on Google.

A Wider Trend of Crypto Theft

This alarming incident is part of a broader trend in cryptocurrency scams.

Sponsored Business Content

In September alone, over $46 million worth of crypto was stolen from more than 10,800 victims of phishing schemes.

In the third quarter of 2024, the total losses soared to over $127 million, with Ether wallets being the prime target for these attacks.

Scam Sniffer previously reported that scammers had netted over $4 million in just a few weeks by exploiting similar malicious phishing sites promoted on Google Search.

The Rise of Malicious Apps and Malware Threats

In addition to phishing websites, cybercriminals have expanded their arsenal with fraudulent applications.

A recent report revealed that a fake cryptocurrency wallet app, named WalletConnect, managed to deceive more than 10,000 users, resulting in $70,000 stolen from unsuspecting individuals.

This sophisticated scam, the first of its kind targeting mobile users exclusively, cleverly mimicked the reputable WalletConnect protocol to lure victims.

Meanwhile, cybersecurity firms have identified new malware threats such as the “Cthulhu Stealer,” which affects MacOS systems.

Disguised as legitimate software, this malware targets sensitive personal information, including MetaMask passwords and private keys for cold wallets.

These developments showcase the ongoing struggle faced by crypto users in a digital landscape rife with deception and malicious intent.

As scams grow more sophisticated, vigilance remains crucial.